ID de Prueba:	1.3.6.1.4.1.25623.1.0.801588
Categoría:	Databases
Título:	IBM Db2 DBADM Privilege Revocation Security Bypass Vulnerability
Resumen:	IBM Db2 is prone to a security bypass vulnerability.
Descripción:	Summary: IBM Db2 is prone to a security bypass vulnerability. Vulnerability Insight: The flaw is due to an error in the application while revoking 'DBADM' privileges. This does not restrict users from executing non-DDL statements. Vulnerability Impact: Successful exploitation allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. Affected Software/OS: IBM Db2 version 9.1 before FP10, version 9.5 before FP6a and version 9.7 before FP2. Solution: Upgrade to IBM Db2 version 9.1 FP10, 9.5 FP6a, 9.7 FP2 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0757 AIX APAR: IC66811 http://www.ibm.com/support/docview.wss?uid=swg1IC66811 AIX APAR: IC66814 http://www.ibm.com/support/docview.wss?uid=swg1IC66814 AIX APAR: IC66815 http://www.ibm.com/support/docview.wss?uid=swg1IC66815 BugTraq ID: 46064 http://www.securityfocus.com/bid/46064 http://osvdb.org/70773 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14295 http://secunia.com/advisories/43148 XForce ISS Database: ibm-db2-dbadm-priv-esc(65008) https://exchange.xforce.ibmcloud.com/vulnerabilities/65008
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.